1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Microsoft finally ends using SMS codes for account sign-in with

    From TechnologyDaily@1337:1/100 to All on Tuesday, May 19, 2026 17:45:25
    Microsoft finally ends using SMS codes for account sign-in with passkeys officially taking over

    Date:
    Tue, 19 May 2026 16:35:00 +0000

    Description:
    Microsoft believes that the future of authentication is passwordless, secure, and user-friendly.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Microsoft says it will phase
    out SMS authentication and recovery due to rising fraud risks The company is shifting toward passwordless methods like passkeys and verified email for account security Researchers have warned of browserbased flaws in passkey workflows, but SMS remains widely criticized as unsafe for 2FA Windows 11
    will soon no longer be able to authenticate or recover your Microsoft account via SMS after the company revealed it is phasing out the feature.

    In a new advisory published on the Microsoft website, the company said it
    will start phasing out SMS because SMS-based authentication is now a leading source of fraud. It did not give a specific timeline when the phase-out might complete, but instead stressed that the future of authentication is passwordless, secure, and user-friendly. Latest Videos From You may like UK security agency officially declares passkeys superior to passwords passkeys should be the 'first choice' for authentication Microsoft is introducing
    Entra passkeys to Windows so tough luck if your device is jailbroken, as
    your credentials will soon be gone forever The downfall of the login is redefining security Are passkeys really that superior to passwords? By moving to passwordless accounts, passkeys, and verified email, we're helping you
    stay ahead of evolving threats while making account access simpler and more seamless, the advisory reads.

    Passkeys work differently than passwords and OTP secrets. Instead of typing something you can forget or steal, a passkey uses a pair of cryptographic keys: one stored on device and one stored by the service.

    When a user logs in, the device proves it has the right key using things like a fingerprint, a facial scan, or device PIN. The actual secret key never leaves the device, making passkeys more secure against phishing and data leaks.

    They have been touted as a more superior solution that will, after decades, finally kill the password . Are you a pro? Subscribe to our newsletter Sign
    up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    However, not everyone agrees - in 2025, SquareX researchers presented new findings which claim the very browsers relied upon to manage passkey
    workflows can be exploited in ways that bypass their protections.

    Passkeys are a highly trusted form of authentication, so when users see a biometric prompt, they take that as a signal for security, SquareX researcher Shourya Pratap Singh said at the time. What they dont know is that attackers can easily fake passkey registrations and authentication by intercepting the passkey workflow in the browser. This puts pretty much every enterprise and consumer application, including critical banking and data storage apps, at risk.

    In any case, phasing out SMS for any form of authentication is worthy of praise. For years now, security researchers have warned that SMS should not
    be used for 2FA or any other form of authentication, since SIM-swapping has made it quite easy to take over peoples accounts and wreak havoc.

    Via Windows Latest The best antivirus for all budgets Our top picks, based
    on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/microsoft-finally-ends-using-sms-codes- for-account-sign-in-with-passkeys-officially-taking-over


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)